In recent years, protecting one's personal information from identity theft and other forms of misappropriation has been a growing concern for many consumers. With increased frequency, consumers are being asked to provide personal identifying information over the phone or the Internet. For example, many companies offer automated phone services wherein a customer can call into a designated customer service phone line to receive account information and services such as current balance information, past balances, payments received, payments due and bill payment options, to name a few. To access these services, the customer is required to enter, either verbally or through a key pad, potentially sensitive personal information such as a social security number, an account number, an address or a driver's license number. For many of these automated systems, the customer is requested to enter this personal information at the beginning of the call, which is then used by the system to determine where the call should, at least initially, be routed. In some situations, the call may need to be routed to a database in a server to retrieve automated account information, while in other situations, the call may need to be routed to an appropriate customer service representative. Nevertheless, the routing paths are generally not direct, meaning that the call, including the potentially sensitive personal information, will ultimately be passed through several routers, gateways or servers before reaching its destination. Each time the call is passed from one system component to another along its routing path, the security of the information is at risk for being unintentionally disclosed.
A known method for protecting information as it passes through the system is to encrypt it, which successfully prevents direct access to the actual information if it is acquired by an unauthorized individual. In some cases, however, an employee may have access to a company's infrastructure and resources, allowing them to decrypt the information or to have access to the unencrypted or decrypted version of the information.
For example, in one known automated system, call routing decisions are determined by an application referred to as a strategy or script. The strategies are written by company employees (i.e., “strategy writers”), and are in essence configured to route a call based in part on the information provided by the customer. For example, if a customer calls into a bank calling center to obtain account balance information, but ultimately decides that they would like to speak to a customer service representative, the customer is likely to be asked to enter an account number. The account number, or portions thereof, is used by the strategy to direct the call to an appropriate agent. For example, one customer service agent may be charged with handling all calls relating to savings accounts, while another may be responsible for handling all calls relating to business checking. The account type is generally indicated by designated digits in the account number. Thus, the strategy is configured to “look” at the appropriate designated digits to determine the department or agent the call should be routed to. In this scenario, however, the strategy writer may have unfettered access to a customer's personal information by writing the routing strategies in a way that allows him or her to have access to the sensitive information that could later be used in an unauthorized manner.
Therefore, a call routing system is needed that prevents unauthorized persons from accessing information as the call is routed through the system.